Dear List,
I am a Ph.D. student at Cornell ORIE. I saw a Dell Optiplex 7050 SFF lying around in our department and decided to install OpenBSD on it. The machine does not have WiFi connectivity, but there is an RJ45 Ethernet jack, so I plugged a cable in, and wrote a standard hostname.em0
werebane# cat /etc/hostname.em0inet autoconfinet6 autoconf
After "doas /etc/netstart", The output of ifconfig looks fine
werebane# ifconfiglo0: flags=2008049<UP,LOOPBACK,RUNNING,MULTICAST,LRO> mtu 32768index 3 priority 0 llprio 3groups: loinet6 ::1 prefixlen 128inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3inet 127.0.0.1 netmask 0xff000000em0: flags=a48843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,AUTOCONF6TEMP,AUTOCONF6,AUTOCONF4> mtu 1500lladdr 54:bf:64:5d:02:beindex 1 priority 0 llprio 3groups: egressmedia: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)status: activeinet6 fe80::56bf:64ff:fe5d:2be%em0 prefixlen 64 scopeid 0x1inet 10.236.181.231 netmask 0xffffff00 broadcast 10.236.181.255enc0: flags=0<>index 2 priority 0 llprio 3groups: encstatus: activepflog0: flags=141<UP,RUNNING,PROMISC> mtu 33136index 4 priority 0 llprio 3groups: pflog
werebane# ping -c 4 google.comPING google.com (132.236.61.7): 56 data bytes64 bytes from 132.236.61.7: icmp_seq=0 ttl=61 time=0.737 ms64 bytes from 132.236.61.7: icmp_seq=1 ttl=61 time=0.653 ms64 bytes from 132.236.61.7: icmp_seq=2 ttl=61 time=0.738 ms64 bytes from 132.236.61.7: icmp_seq=3 ttl=61 time=0.646 ms--- google.com ping statistics ---4 packets transmitted, 4 packets received, 0.0% packet lossround-trip min/avg/max/std-dev = 0.646/0.693/0.738/0.044 mwerebane# traceroute -n google.comtraceroute to google.com (132.236.61.7), 64 hops max, 40 byte packets1 * 132.236.181.1 7.108 ms 1.274 ms2 132.236.222.161 0.443 ms 128.253.222.161 0.524 ms 0.305 ms3 128.253.222.114 0.572 ms 132.236.222.110 0.671 ms 128.253.222.114 0.735 ms4 132.236.61.7 0.703 ms 0.688 ms 0.673 m
However, I got a "Connection refused" error when trying to install packages
werebane# pkg_add curlhttps://cdn.openbsd.org/pub/OpenBSD/7.6/packages-stable/amd64/: ftp: connect: Connection refusedhttps://cdn.openbsd.org/pub/OpenBSD/7.6/packages/amd64/: ftp: connect: Connection refusedhttps://cdn.openbsd.org/pub/OpenBSD/7.6/packages/amd64/: emptyCan't find curl
What about another mirror? Still connection refused
werebane$ doas pkg_add -vvvvv curlftp://ftp.usa.openbsd.org/pub/OpenBSD/7.6/packages-stable/amd64/: ftp: connect: Connection refusedftp: Can't connect or login to host `ftp.usa.openbsd.org'^Cpkg_add: Caught SIGINT
Besides FTP (port 21), I also cannot use SSH or access websites via HTTPS (port 443). However, I can somehow connect to HTTP (port 80) on remote servers.
werebane# nc -z google.com 80; echo $?Connection to google.com (132.236.61.7) 80 port [tcp/www] succeeded!0werebane# pfctl -d; nc -z google.com 443; echo $?; pfctl -epf disabled1pf enabled
I'm also attaching the output of tcpdump in case it helps
werebane# tcpdump -ntvvqX -s 1440 -i em0 host google.comtcpdump: listening on em0, link-type EN10MB10.236.181.231.28027 > 132.236.61.7.443: tcp 0 (DF) (ttl 64, id 2873, len 64)0000: 4500 0040 0b39 4000 4006 acb8 0aec b5e7 E..@.9@.@.......0010: 84ec 3d07 6d7b 01bb 1ee5 d762 0000 0000 ..=.m{.....b....0020: b002 4000 82f9 0000 0204 05b4 0101 0402 ..@.............0030: 0103 0306 0101 080a b61e 9643 0000 0000 ...........C....132.236.61.7.443 > 10.236.181.231.28027: tcp 0 (DF) (ttl 61, id 0, len 40)0000: 4500 0028 0000 4000 3d06 bb09 84ec 3d07 E..(..@.=.....=.0010: 0aec b5e7 01bb 6d7b 0000 0000 1ee5 d763 ......m{.......c0020: 5014 0000 c78a 0000 0000 0000 0000 P.............10.236.181.231.48663 > 132.236.61.7.443: tcp 0 (DF) (ttl 64, id 3818, len 64)0000: 4500 0040 0eea 4000 4006 a907 0aec b5e7 E..@..@.@.......0010: 84ec 3d07 be17 01bb def3 7e7a 0000 0000 ..=.......~z....0020: b002 4000 82f9 0000 0204 05b4 0101 0402 ..@.............0030: 0103 0306 0101 080a 9885 1905 0000 0000 ................132.236.61.7.443 > 10.236.181.231.48663: tcp 0 (DF) (ttl 61, id 0, len 40)0000: 4500 0028 0000 4000 3d06 bb09 84ec 3d07 E..(..@.=.....=.0010: 0aec b5e7 01bb be17 0000 0000 def3 7e7b ..............~{0020: 5014 0000 0fc8 0000 0000 0000 0000 P.............10.236.181.231 > 132.236.61.7: icmp: 8 0 [icmp cksum ok] (ttl 255, id 33893, len 84)0000: 4500 0054 8465 0000 ff01 b47c 0aec b5e7 E..T.e.....|....0010: 84ec 3d07 0800 dfab b582 0000 8ee7 3453 ..=...........4S0020: 7f97 a013 eee5 a00c ad96 8f97 2107 4942 ............!.IB0030: f44b e2b2 1819 1a1b 1c1d 1e1f 2021 2223 .K.......... !"#0040: 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 $%&'()*+,-./01230050: 3435 3637 4567132.236.61.7 > 10.236.181.231: icmp: 0 0 [icmp cksum ok] (ttl 61, id 52978, len 84)0000: 4500 0054 cef2 0000 3d01 2bf0 84ec 3d07 E..T....=.+...=.0010: 0aec b5e7 0000 e7ab b582 0000 8ee7 3453 ..............4S0020: 7f97 a013 eee5 a00c ad96 8f97 2107 4942 ............!.IB0030: f44b e2b2 1819 1a1b 1c1d 1e1f 2021 2223 .K.......... !"#0040: 2425 2627 2829 2a2b 2c2d 2e2f 3031 3233 $%&'()*+,-./01230050: 3435 3637 4567
Initially I thought this might be due to some firewall configuration in our department, but that is unlikely because I'm trying to access ports on *remote* machines. Moreover, another Windows machine connecting to the same network switch have no problem accessing websites via HTTPS.
How do I connect to ports other than 80 on remote machines? Any thoughts are appreciated!
Bests,
Qingyao
No comments:
Post a Comment